You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@qpid.apache.org by "Justin Ross (JIRA)" <ji...@apache.org> on 2016/11/04 22:13:58 UTC

[jira] [Reopened] (PROTON-1173) Proton C core dump in face of channel-max protocol violation

     [ https://issues.apache.org/jira/browse/PROTON-1173?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Justin Ross reopened PROTON-1173:
---------------------------------

> Proton C core dump in face of channel-max protocol violation
> ------------------------------------------------------------
>
>                 Key: PROTON-1173
>                 URL: https://issues.apache.org/jira/browse/PROTON-1173
>             Project: Qpid Proton
>          Issue Type: Bug
>          Components: proton-c
>    Affects Versions: 0.11.1
>            Reporter: Chuck Rolke
>             Fix For: 0.13.0
>
>
> A rogue client creates a session on a channel higher than the channel-max exchanged at connection open.
> {noformat}
> Mon Apr 11 10:34:27 2016 SERVER (trace) [1]:pn_session: too many sessions: 1  channel_max is 0 (/home/chug/git/qpid-dispatch/src/server.c:116)
> Program received signal SIGSEGV, Segmentation fault.
> 0x00007ffff793b84a in pn_do_begin (transport=0x6a4bd0, frame_type=0 '\000', channel=1, args=0x7c1f60, payload=0x7fffffffd2c0)
>     at /home/chug/git/qpid-proton/proton-c/src/transport/transport.c:1205
> 1205	  ssn->state.incoming_transfer_count = next;
> Missing separate debuginfos, use: debuginfo-install nss-mdns-0.10-15.fc21.x86_64
> (gdb) 
> (gdb) list
> 1200	    // XXX: what if session is NULL?
> 1201	    ssn = (pn_session_t *) pn_hash_get(transport->local_channels, remote_channel);
> 1202	  } else {
> 1203	    ssn = pn_session(transport->connection);
> 1204	  }
> 1205	  ssn->state.incoming_transfer_count = next;
> 1206	  pni_map_remote_channel(ssn, channel);
> 1207	  PN_SET_REMOTE(ssn->endpoint.state, PN_REMOTE_ACTIVE);
> 1208	  pn_collector_put(transport->connection->collector, PN_OBJECT, ssn, PN_SESSION_REMOTE_OPEN);
> 1209	  return 0;
> (gdb) p ssn
> $1 = (pn_session_t *) 0x0
> (gdb) 
> {noformat}
> Session is null and SEGV is what happens.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org